As detailed in the Fraud Beat Annual Report: A comprehensive analysis of electronic fraud trends and threats throughout 2023, the cybersecurity landscape continues to expand, with attackers leveraging familiar tactics like phishing, branding, information disclosure and malware alongside novel techniques like generative AI to target a wider attack surface. Our Security Operations Center (SOC) saw a significant rise in global incidents throughout 2023, with a 77% increase compared to 2022. Notably, Latin America experienced the greatest impact, witnessing a 60% year-over-year increase in cyberattacks. As remote and hybrid work models are increasingly normalized, organizations and consumers alike face new challenges in securing their data and systems.
Among the year-over-year trends reported by Appgate’s SOC, the following fraud attacks saw the largest increase:
- Information disclosure: A 322% surge in information disclosure attacks highlights the growing threat to personal and professional data.
- Phishing: An 81% increase demonstrates the evolution and escalating sophistication of phishing attack techniques.
- Unauthorized branding: A 51% increase in brand impersonations reveals how cybercriminals leverage trusted brand names to deceive users.
According to the Anti-Phishing Working Group (APWG), more than 1.6 million phishing attacks were recorded in the first quarter of 2023, marking the worst quarter observed for this type of attack. This alarming increase in phishing attacks emphasizes the pervasive nature of cyberthreats in an increasingly digital world and underscores the critical importance of robust cybersecurity measures. Phishing attacks, delivered through various channels like text, email, and phone calls, pose a serious threat across all industries. However, the financial sector bears the brunt of these attacks, experiencing 23.5% of all cases. Closely following are the software as a service (SaaS) sector at 18.8% and social networks at 18.2%, highlighting their shared vulnerability to phishing scams.
In line with our SOC’s data, Information Security Media Group’s Faces of Fraud 2023 study revealed growing concerns about similar cyberattacks. Responding organizations said the most concerning types of fraud attacks are information disclosure (52%), electronic fraud (50%) and phishing (44%).
Other relevant findings in the Fraud Beat Annual Report include these key cybersecurity trends:
- Mobile attacks: Mobile devices and apps are increasingly targeted by cybercriminals due to rising mobile usage. Techniques like SMS phishing and QRishing compromise devices to steal sensitive user data. ISMG’s Faces of Fraud 2023 survey confirms this trend, with mobile fraud up 35%, SMS attacks up 30%, and fraudulent account creation via SMS up 28%.
- Malware as a service (MaaS): MaaS lowers the barrier for cybercriminals to launch sophisticated attacks. Financial institutions have been hit hard, with IBM reporting an average data breach cost of $5.9 million. Malware spreads through infected websites (55%) and emails (29%), as well as compromised app stores.
- Human factor: The human element remains a significant vulnerability, with Verizon's 2023 Data Breach Investigations report revealing that 74% of security breaches involve human errors. Internal threats are alarmingly common (83%), with financial gain as the prime motive (95%).
Forecasting fraud threats and solutions in 2024
In 2024, we anticipate an unprecedented level of sophistication and precision in cyberattacks as cybercriminals weaponize machine learning and AI to enhance their tactics, techniques and procedures, posing even greater threats. Organizations looking to detect and mitigate threats, and safeguard institutional, user and customer data must take a more proactive approach. This involves implementing continuous monitoring, integrating adaptive AI/ML systems and regularly updating security protocols.
But what strategies can organizations implement to move beyond current obstacles and initiate forward-thinking fraud prevention measures? Our experts identify the top three fraud prevention concerns along with strategies for planning ahead:
- Rapidly evolving fraud schemes: The Faces of Fraud report reveals a critical challenge: 83% of organizations struggle to keep pace with rapidly evolving fraud schemes. Combating this requires continuous investment in adaptive technologies and strategies. AI/ML-powered anti-fraud solutions offer predictive analytics and real-time threat detection that outpace traditional defenses.
- Hybrid work challenges: As hybrid work becomes the norm, securing remote endpoints and network communications is imperative. Many organizations are turning to Zero Trust Network Access (ZTNA) for secure user and resource connections. Multi-factor authentication, biometric solutions, and robust access protocols bolster defenses against breaches arising from remote work environments.
- Overreliance on manual processes: 55% of Faces of Fraud survey respondents worry about the overreliance on manual processes that introduce human error and impact the ability to monitor fraud schemes. To address this vulnerability, automated solutions—particularly identity validation and device ID technologies for online platforms—are crucial. Automation reduces the risk of human error, improves response times and optimizes resource allocation.
By incorporating sound fraud protection strategies, organizations can enhance their defenses and effectively navigate relentless threats in a dynamic fraud landscape. While bad actors increasingly exploit AI and ML to adapt their tactics and circumvent defenses, forward-looking organizations are using these cognitive capabilities to transform the way they battle fraud. In fact, 70% of Faces of Fraud respondents reported that their fraud prevention budget will increase this year.
Backed by the power of data analysis, pattern recognition and continuous learning, ML-driven fraud solutions are invaluable for businesses seeking to protect their valuable data and assets to stay ahead of evolving fraud tactics. To combat these relentless threats, Appgate’s fraud protection solutions are strategically engineered to combat existing threats and anticipate new and emerging threats. This provides organizations with a strategic, proactive advantage, unparalleled protection and peace of mind in an increasingly digital world.
Want to read the full Appgate Fraud Beat Annual Report? Download it here.
Article Link: Appgate | Analyzing Fraud Trends and Emerging Threats in 2024 and…